What is the interval that you run this? > On Sep 12, 2018, at 4:53 PM, Paul Kosinski <[email protected]> wrote: > > Joel (and any other interested parties), > > Attached is the code we use to update ClamAV: 'getfreshclam' is run by > cron under userid clamav (same as clamd) every so often (currently > every 15 mins) to determine if there are any relevant cvd files to > update (currently daily.cvd, bytecode.cvd and main.cvd). > > Only if something is *really* there -- as determined by *both* the DNS > TXT record and quick 'curl' of the head of the cvd file -- is > 'freshclam' invoked to do the actual work. This ensures that running > the test pretty often doesn't put a big load on the servers. > > Notes to help understanding the code: > > 'testclam-external' does the DNS TXT and curl test. > > 'report-delays' logs the delays (or non- delays) found. > > We keep various recent versions of ClamAV in /opt/clamav.d, both for > testing, and in case we have to backtrack. Thus, /opt/clamav is a > symlink to the current version, as in: > > /opt/clamav -> /opt/clamav.d/clamav.0.100.1 > > > Enjoy! > Paul Kosinski > > > On Wed, 12 Sep 2018 15:41:23 +0000 > "Joel Esler (jesler)" <[email protected]> wrote: > >> Paul, >> >> Can you give me some more information on how you do this? How often >> is the check ran, etc. >> >> I am working with cloudflare on the issue now. >> >> On Sep 7, 2018, at 2:25 PM, Paul Kosinski >> <[email protected]<mailto:[email protected]>> wrote: >> >> Here is our recent CVD delay report showing how long the actual >> daily.cvd (and sometimes bytcode.cvd) file(s) lag behind the DNS TXT >> record. >> >> We are located near Boston, and the data comes via Comcast cable, but >> our DNS queries use our old, slow static-IP DSL. I keep it this way >> because there were stories about some major ISPs munging DSL replies >> (like replacing NXDOMAIN with an IP addresse of a Web site belonging >> to the ISP). Our DSL, on the other hand, doesn't ever do this, and >> even passes port 25, so we can send mail directly (rather than >> relaying through a possibly snoopy ISP.) >> >> 2018-08-18 05:03:02 No delay >> 2018-08-18 13:18:02 00:15:01 delay >> 2018-08-18 21:33:02 00:15:01 delay >> 2018-08-19 05:03:01 No delay >> 2018-08-19 14:03:01 00:44:59 delay >> 2018-08-19 21:18:02 00:15:00 delay >> 2018-08-20 05:33:02 00:30:01 delay >> 2018-08-20 13:33:02 00:30:00 delay >> 2018-08-20 21:03:02 No delay >> 2018-08-21 05:18:01 No delay >> 2018-08-21 13:03:01 No delay >> 2018-08-22 18:18:02 00:15:00 delay >> 2018-08-23 02:33:01 00:29:59 delay >> 2018-08-23 09:48:02 00:45:00 delay >> 2018-08-23 17:03:02 No delay >> 2018-08-24 02:18:02 01:15:00 delay >> 2018-08-24 09:33:02 00:30:00 delay >> 2018-08-24 18:48:02 00:30:01 delay >> 2018-08-25 01:18:02 No delay >> 2018-08-25 09:18:02 00:15:00 delay >> 2018-08-25 17:33:02 00:30:00 delay >> 2018-08-26 02:33:01 01:29:59 delay >> 2018-08-26 09:48:02 00:45:01 delay >> 2018-08-26 18:03:02 01:00:00 delay >> 2018-08-27 01:03:01 No delay >> 2018-08-27 09:18:02 00:15:00 delay >> 2018-08-27 17:33:01 00:29:59 delay >> 2018-08-28 01:48:02 00:45:00 delay >> 2018-08-28 09:18:02 No delay >> 2018-08-28 17:33:01 No delay >> 2018-08-29 01:18:01 00:14:59 delay >> 2018-08-29 09:33:02 00:30:01 delay >> 2018-08-29 17:48:01 00:45:00 delay >> 2018-08-30 01:03:01 No delay >> 2018-08-30 09:18:02 00:15:00 delay >> 2018-08-30 17:18:01 00:14:59 delay >> 2018-08-31 01:18:01 00:14:59 delay >> 2018-08-31 09:48:02 00:45:01 delay >> 2018-08-31 22:18:01 00:45:00 delay >> 2018-09-01 05:18:01 00:14:59 delay >> 2018-09-01 13:33:02 00:30:00 delay >> 2018-09-01 21:48:01 00:44:59 delay >> 2018-09-02 07:03:02 01:00:00 delay >> 2018-09-02 13:48:01 00:44:59 delay >> 2018-09-02 21:03:01 No delay >> 2018-09-03 05:03:02 No delay >> 2018-09-03 13:03:02 No delay >> 2018-09-03 21:03:01 No delay >> 2018-09-04 05:03:01 No delay >> 2018-09-04 13:03:02 No delay >> 2018-09-04 21:03:01 No delay >> 2018-09-05 05:03:02 No delay >> 2018-09-05 14:18:01 01:14:59 delay >> 2018-09-05 21:18:02 00:15:00 delay >> 2018-09-06 05:18:02 00:15:00 delay >> 2018-09-06 13:33:02 00:30:01 delay >> 2018-09-06 21:03:03 No delay >> 2018-09-07 05:18:02 00:15:00 delay > <reportdelays><testclam-external><getfreshclam>_______________________________________________ > clamav-users mailing list > [email protected] > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml
_______________________________________________ clamav-users mailing list [email protected] http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
